Today, 98 percent of IT leaders trust their cloud providers to keep their data secure – a rate that was practically unimaginable ten years ago. But despite the high trust numbers, Softchoice found in its latest report –The State of Cloud Readiness: IT Leaders Lost in the Cloud – that not all on the cloud security front is perfect.

A Crisis of Confidence

IT leaders’ anxiety toward cloud security has turned inward. While they trust their cloud providers to hold up their end of the security bargain, they are less confident in the security capabilities of their own internal teams, especially once cloud migration is underway.

Those closest to the daily strategies and processes of the cloud are especially concerned. Only 36 percent of IT managers and directors are highly confident in extending their own internal security policies to the cloud. Their senior counterparts (IT VP and C-level execs) are only slightly more confident – 46 percent of IT executives feel secure with their internal policies.

The gap between the two levels of IT leaders suggests that higher-level executives who have a more hands-off role in daily cloud processes take an aspirational view of their organization’s security policies. The fact that managers and directors – those closest to daily execution – have greater doubts should indicate that organizations’ cloud security policies and execution need more attention.

Bridging the Gap

What measures can they take to bridge the confidence gap? The solution to getting a better grasp on security efforts is two-fold.

First, IT leaders need to address the rift that exists among different levels of IT leadership. While IT also have their doubts, it’s a clear problem that confidence in security practices among managers and directors is markedly lower.

The disconnect likely doesn’t stop at a seniority standpoint either. Individual teams – such as developers, infrastructure specialists, and application process owners – often aren’t on the same page. IT teams incur security risks because they have not established the procedures, guidelines, and governance they need to ensure the security of their data and applications.

Addressing the issue may require a refresher on DevOps practices and a deeper embrace of those values to bring teams together. Organizations need to establish operational guidelines, the same way they do for deploying physical infrastructure. In designing an agreed-upon approach for cloud security success, the IT team can set a predictable path for the organization.

On top of improving communication internally, turning to outside partners will provide organizations the help they need.

Gaining control of cloud security initiatives requires the right skills. But the IT hiring market is laden with competition, so it’s not always feasible to bring in outside hires. Training internal talent poses time and money challenges as well, and doesn’t guarantee immediate protection on urgent matters like cloud security. Therefore, bringing in a partner is often the best option for securing migrated cloud workloads as soon as possible.

Cost optimization in the cloud is a universal issue, whether using Microsoft or another provider. According to research by Softchoice, 57% of IT leaders have exceeded their cloud budget at one point or another. Twenty percent have exceeded it by more than 20%. Any organization investing in the cloud, to any extent, can experience cost overruns.

Moving to public cloud often results in sticker shock, despite the conventional wisdom that cloud computing is a money-saver. However, a higher-than-expected AWS or Azure bill usually isn’t a sign that cloud migration was a mistake – only that it would benefit from cloud governance best practices that help control and optimize spend.

We use cookies to make your interactions with our website easy and meaningful. You can read more in our updated privacy policy. By continuing to use this site you are accepting our privacy policy and giving us your consent to store cookies on your machine.